Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Sunshine Photo Cart — Vulnerabilities & Security Advisories 17

All 17 CVE vulnerabilities found in Sunshine Photo Cart, with AI-generated Chinese analysis, references, and POCs.

Vendor: WP Sunshine

CVE IDTitleCVSSSeverityPublished
CVE-2026-39564 WordPress Sunshine Photo Cart plugin < 3.6.2 - Sensitive Data Exposure vulnerability CWE-201 7.5AIHighAI2026-04-08
CVE-2025-67973 WordPress Sunshine Photo Cart plugin <= 3.5.6.2 - Broken Access Control vulnerability CWE-862 6.5 Medium2026-02-20
CVE-2026-24994 WordPress Sunshine Photo Cart plugin <= 3.5.7.2 - Broken Access Control vulnerability CWE-862 9.1AICriticalAI2026-02-03
CVE-2025-68535 WordPress Sunshine Photo Cart plugin <= 3.5.7.1 - Broken Access Control vulnerability CWE-862 4.3 Medium2025-12-24
CVE-2025-62892 WordPress Sunshine Photo Cart plugin <= 3.5.3 - Broken Access Control vulnerability CWE-862 5.3 Medium2025-10-27
CVE-2025-31084 WordPress Sunshine Photo Cart plugin <= 3.4.10 - PHP Object Injection Vulnerability CWE-502 9.8 Critical2025-04-01
CVE-2022-45826 WordPress Sunshine Photo Cart plugin <= 2.9.13 - Auth. Broken Access Control vulnerability CWE-862 5.4 Medium2024-12-13
CVE-2024-49697 WordPress Sunshine Photo Cart plugin <= 3.2.9 - Broken Access Control vulnerability CWE-862 4.3 Medium2024-11-19
CVE-2024-47314 WordPress Sunshine Photo Cart plugin <= 3.2.8 - Broken Access Control vulnerability CWE-862 7.1 High2024-11-01
CVE-2024-44038 WordPress Sunshine Photo Cart plugin <= 3.2.9 - Broken Access Control vulnerability CWE-862 5.3 Medium2024-11-01
CVE-2024-43136 WordPress Sunshine Photo Cart plugin <= 3.2.1 - Broken Access Control vulnerability CWE-862 4.3 Medium2024-11-01
CVE-2024-50463 WordPress Sunshine Photo Cart plugin <= 3.2.9 - Open Redirection vulnerability CWE-601 4.7 Medium2024-10-28
CVE-2024-43971 WordPress Sunshine Photo Cart plugin <= 3.2.5 - Cross Site Scripting (XSS) vulnerability CWE-79 7.1 High2024-09-17
CVE-2024-30221 WordPress Sunshine Photo Cart plugin <= 3.1.1 - PHP Object Injection vulnerability CWE-502 5.4 Medium2024-03-28
CVE-2024-30194 WordPress Sunshine Photo Cart plugin <= 3.1.1 - Reflected Cross Site Scripting (XSS) vulnerability CWE-79 7.1 High2024-03-27
CVE-2022-40692 WordPress Sunshine Photo Cart Plugin <= 2.9.13 is vulnerable to Cross Site Request Forgery (CSRF) CWE-352 5.4 Medium2023-02-02
CVE-2022-4301 Sunshine Photo Cart < 2.9.15 - Reflected XSS 6.1 -2023-01-09

All 17 known CVE vulnerabilities affecting Sunshine Photo Cart with full Chinese analysis, references, and POCs where available.